Key Capabilities
Hi, I have read about the following key capabilites: - sign - encrypt - authenticate - certification When I generate an RSA key, GPG provides the capabilities sign, encrypt and authenticate (in expert mode), but not certification. Is certification somethin that is actually implemented or planned for the near future? What usage is expected to depend on this capability? Cheers, Olaf -- Dipl.Inform. Olaf Gellert PRESECURE (R) Senior Researcher, Consulting GmbH Phone: (+49) 0700 / PRESECURE [EMAIL PROTECTED] A daily view on Internet Attacks https://www.ecsirt.net/sensornet ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Key Capabilities
On Thu, Nov 17, 2005 at 02:34:06PM +0100, Olaf Gellert wrote: Hi, I have read about the following key capabilites: - sign - encrypt - authenticate - certification When I generate an RSA key, GPG provides the capabilities sign, encrypt and authenticate (in expert mode), but not certification. Is certification somethin that is actually implemented or planned for the near future? What usage is expected to depend on this capability? Certification is just the ability to sign other keys. All primary keys, by definition, are able to certify, so the flag is not very meaningful there. In GPG 1.4.2 the key generation menu doesn't show you certification as an option, but it does automatically set the flag behind the scenes. 1.4.3 is a little different. To make things clearer, 1.4.3 does show certification in the list of flags, but you can't turn it off (as this would violate OpenPGP). David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Key Capabilities
Olaf Gellert wrote: When I generate an RSA key, GPG provides the capabilities sign, encrypt and authenticate (in expert mode), but not certification. Certification is always used automatically for the primary (signing) key. If you edit your key (gpg --edit-key foo) you'll see a Usage: CS for the primary key. Is certification somethin that is actually implemented or planned for the near future? It is actually implemented (its one of the most basic features: signing keys What usage is expected to depend on this capability? Cryptographically it is about the same as normal signing, it simly denotes that a key may be used to sign other keys. Best wishes, Chris. begin:vcard fn:Mitterer, Christoph Anton n:Mitterer;Christoph Anton org:Munich University of Applied Sciences;Department of Mathematics and Computer Science adr;quoted-printable;quoted-printable:;;Lothstra=C3=9Fe 34;M=C3=BCnchen;Freistaat Bayern;80335;Federal Republic of Germany email;internet:[EMAIL PROTECTED] tel;home:+49 89 24409568 tel;cell:+49 172 8617341 x-mozilla-html:TRUE url:http://fhm.edu/ version:2.1 end:vcard ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users